MitCVEs & Vulnerabilities

157 CVEs affecting Mit products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

kerberos 5 758kerberos 45krb5-appl 4mit kerberos 3scratch-svg-renderer 3cgiemail 2pgp public key server 2kerberos ftp client 1
CVE-2000-0546MEDIUM

Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function.

9 Jun 2000
5.0
CVSS
CVE-2000-0547MEDIUM

Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the localrealm variable in the process_v4 function.

9 Jun 2000
5.0
CVSS
CVE-2000-0548MEDIUM

Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function.

9 Jun 2000
5.0
CVSS
CVE-2000-0549MEDIUM

Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request.

9 Jun 2000
5.0
CVSS
CVE-2000-0550MEDIUM

Kerberos 4 KDC program improperly frees memory twice (aka "double-free"), which allows remote attackers to cause a denial of service.

9 Jun 2000
5.0
CVSS
CVE-2000-0390CRITICAL

Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.

16 May 2000
10.0
CVSS
CVE-2000-0391CRITICAL

Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges.

16 May 2000
10.0
CVSS
CVE-2000-0392HIGH

Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges.

16 May 2000
7.2
CVSS
CVE-2000-0389CRITICALpoc

Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.

16 May 2000
10.0
CVSS
CVE-1999-0713HIGH

The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.

11 Jun 1999
7.2
CVSS
CVE-1999-1321HIGH

Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote attackers to cause a denial of service or execute arbitrary commands via a long DNS hostname that is not properly handled during TGT ticket passing.

5 Nov 1998
7.5
CVSS
CVE-1999-1296HIGH

Buffer overflow in Kerberos IV compatibility libraries as used in Kerberos V allows local users to gain root privileges via a long line in a kerberos configuration file, which can be specified via the KRB_CONF environmental variable.

29 Apr 1997
7.2
CVSS
CVE-1999-0143MEDIUM

Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys.

21 Feb 1996
4.6
CVSS
← PrevPage 4 / 4Next →